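<?php // no direct access
defined('_JEXEC') or die('Restricted access');

// Status or error text printed above the form; filled in by the POST handler.
$message = '';

// Load the component's helper library unless it is already available.
// GetFieldInputSubForm is used as the marker; ValidateExtraFields,
// SaveExtraFields and FieldHadError presumably come from the same file.
// The path is anchored to JPATH_ADMINISTRATOR so that resolution no longer
// depends on the current working directory or on include_path.
if (!function_exists('GetFieldInputSubForm')) {
  require_once JPATH_ADMINISTRATOR . '/components/com_nspro/lib.php';
}

// Shared database handle used by every query in this layout.
$db =& JFactory::getDBO();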

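// Resolve which subscriber row is being edited.
//   - POST with `meditsub`: the edit form was submitted; save, then reload.
//   - otherwise: the visitor followed a link carrying `u`, which is matched
//     against MD5(email).
// On exit $myprecious holds the subscriber id (or -1 when none was found),
// $myRealEmail the stored address and $msub the row object (or null).
//
// NOTE(review): access control here is weak and cannot be fixed inside this
// file alone. The link token is an unsalted MD5 of the address, and the POST
// branch selects the row purely from the submitted `realmail` field, so
// knowing an address is enough to edit its subscription. A per-subscriber
// random secret stored with the row and checked in both branches is needed.
// NOTE(review): no anti-CSRF token is verified before the write; Joomla's
// JRequest::checkToken() paired with JHTML::_('form.token') in the form would
// cover that.
if (!empty($_POST['meditsub'])) {

  // Accept only scalar strings; array-valued fields are treated as missing.
  $realMail = (isset($_POST['realmail']) && is_string($_POST['realmail'])) ? $_POST['realmail'] : '';
  $subName = (isset($_POST['subname']) && is_string($_POST['subname'])) ? $_POST['subname'] : '';

  $msub = null;
  if ($realMail !== '') {
    // $db->Quote() escapes through the active connection and adds the quotes;
    // mysql_escape_string() ignores the connection charset and no longer
    // exists in current PHP.
    $db->setQuery('SELECT * FROM `#__nspro_subs` WHERE `email` = ' . $db->Quote($realMail));
    $msub = $db->loadObject();
  }

  if (!is_object($msub)) {
    // Unknown address: nothing to save. -1 routes the page to the
    // "link has expired" notice instead of dereferencing a null row.
    $myprecious = -1;
    $myRealEmail = '';
  }
  else {
    $subId = (int) $msub->id;

    // Both helpers return true on success and a message otherwise.
    $result = ValidateExtraFields($_POST, true);

    if ($result === true) {
      $saved = SaveExtraFields($msub->id, $_POST, true);
      if ($saved === true) {
        $message = JText::_('Subscription Saved Successfully');
      }
      else {
        $message = $saved;
      }
    }
    else {
      $message = $result;
    }

    // Build the comma-separated list of selected mailing lists. Each entry is
    // forced to a positive integer (assumes list ids are auto-increment ints,
    // as the checkboxes emit them; confirm) so nothing but digits and commas
    // reaches the column.
    // NOTE(review): the ids are not checked against the published lists, so a
    // crafted request can store ids the form never offered.
    $newList = isset($_POST['mailing_lists2']) ? (array) $_POST['mailing_lists2'] : array();
    $listIds = array();
    foreach ($newList as $nlid) {
      if (is_scalar($nlid) && (int) $nlid > 0) {
        $listIds[] = (int) $nlid;
      }
    }
    $nstr = implode(',', $listIds);

    // As before, name and lists are written even when the extra-field
    // validation above failed.
    $db->setQuery('UPDATE `#__nspro_subs` SET `name` = ' . $db->Quote($subName) . ', `mailing_lists` = ' . $db->Quote($nstr) . ' WHERE `id` = ' . $subId);
    $db->Query();

    $myprecious = $msub->id;
    $myRealEmail = $msub->email;

    // Reload so the form shows what was actually stored.
    $db->setQuery('SELECT * FROM `#__nspro_subs` WHERE `id` = ' . $subId);
    $msub = $db->loadObject();
  }
}
else {
  $myEmail = (isset($_REQUEST['u']) && is_string($_REQUEST['u'])) ? $_REQUEST['u'] : '';

  $myprecious = -1;

  $myRealEmail = '';

  $msub = null;

  // MD5() yields 32 hex digits; anything else cannot match, so skip the query.
  if (preg_match('/^[a-f0-9]{32}\z/i', $myEmail)) {
    $db->setQuery('SELECT * FROM `#__nspro_subs` WHERE MD5(`email`) = ' . $db->Quote($myEmail));
    $msub = $db->loadObject();
  }

  if (is_object($msub)) {
    $myprecious = $msub->id;
    $myRealEmail = $msub->email;
  }

}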

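// Render the edit form when a subscriber row was identified, otherwise the
// "link has expired" notice.
$subscriberFound = false;
if ($myprecious != -1) {

  if (is_null($msub)) {
    $db->setQuery('SELECT * FROM `#__nspro_subs` WHERE `id` = ' . (int) $myprecious);
    $msub = $db->loadObject();
  }

  // The lookup may still find no row; never dereference $msub in that case.
  $subscriberFound = is_object($msub);
}

if ($subscriberFound) {

  $db->setQuery('SELECT `id`, `lname` FROM `#__nspro_lists` WHERE `published` = 1');
  $lists = $db->loadObjectList();

  print '<div id="componentheading">'.JText::_('Edit Subscription').'</div><br/><div id="nspro_editsub">';
  // NOTE(review): $message may hold whatever ValidateExtraFields() or
  // SaveExtraFields() returned. It is printed unescaped because it may carry
  // markup; confirm those helpers never echo submitted values unescaped.
  if ($message != '') {
    print $message . '<br/>';
  }

  $db->setQuery('SELECT * FROM `#__nspro_fields` WHERE `published` = true');
  $afields = $db->loadObjectList();

  $db->setQuery('SELECT * FROM `#__nspro_field_values` WHERE `subscriber_id` = ' . (int) $msub->id);
  $fieldValues = $db->loadObjectList();

  // A failed query must not break the loops below.
  if (!is_array($lists)) {
    $lists = array();
  }
  if (!is_array($afields)) {
    $afields = array();
  }
  if (!is_array($fieldValues)) {
    $fieldValues = array();
  }

  // Subscriber-controlled values are HTML-escaped once here. The name in
  // particular is stored exactly as submitted and then lands inside an
  // attribute, so unescaped output would let stored markup run in the page.
  $safeRealEmail = htmlspecialchars((string) $myRealEmail, ENT_QUOTES, 'UTF-8');
  $safeName = htmlspecialchars((string) $msub->name, ENT_QUOTES, 'UTF-8');
  $safeEmail = htmlspecialchars((string) $msub->email, ENT_QUOTES, 'UTF-8');

  print '<form action="index.php?option=com_nspro&layout=editsub" method="post">';
  print '<fieldset id="nspro_editsub_fieldset" style="width:500px;">';
  print '<legend>'.JText::_('Subscription Data for Email:') . ' ' . $safeRealEmail .'</legend>';
  print '<table cellpadding="2" border="0" id="nspro_editsub_table">';

  // Extra fields flagged `abovepos` go before the fixed rows.
  foreach($afields as $afield) {
    if (!$afield->abovepos) {
      continue;
    }
    print '<tr style="border:none;"><td style="border:none; padding: 2px;">';
    print JText::_($afield->name);
    print '</td><td style="border:none; padding: 2px;">';
    // Start from the stored value; prefer the just-submitted one unless that
    // field was reported as invalid in $message.
    $val = '';
    foreach($fieldValues as $fv) {
      if ($fv->field_id == $afield->id) {
        $val = $fv->value;
        if (isset($_POST['field'.$afield->id])) {
          if (!FieldHadError($message, $afield->name)) {
            $val = $_POST['field'.$afield->id];
          }
        }
        break;
      }
    }
    // NOTE(review): $val can be raw request data; confirm that
    // GetFieldInputSubForm() escapes it before building the markup.
    $fieldinput = GetFieldInputSubForm($afield, false, $val, 'site');
    print $fieldinput;
    print '</td></tr>';
  }

  print '<tr style="border:none;"><td style="border:none; padding: 2px;">' . JText::_('Name') . '</td><td style="border:none; padding: 2px;"><input type="text" class="inputbox" name="subname" value="' . $safeName . '" size="60"/></td></tr>';
  print '<tr style="border:none;"><td style="border:none; padding: 2px;">' . JText::_('Email') . '</td><td style="border:none; padding: 2px;">' . $safeEmail . '</td></tr>';
  print '<tr style="border:none;"><td style="border:none; padding: 2px;">' . JText::_('Mailing Lists') . '</td><td style="border:none; padding: 2px;"></td></tr>';

  // One checkbox per published list, ticked when its id appears in the
  // subscriber's comma-separated `mailing_lists` column.
  $mySubLists = explode(',', $msub->mailing_lists);
  foreach ($lists as $arow) {
    print '<tr style="border:none;"><td style="border:none; padding: 2px;"><input type="checkbox" name="mailing_lists2[]" value="' . (int) $arow->id . '"';
    // Loose comparison on purpose: same matching as the former `==` loop,
    // but the attribute is emitted at most once.
    if (in_array($arow->id, $mySubLists)) {
      print ' checked="checked"';
    }
    print '/> ' . htmlspecialchars((string) $arow->lname, ENT_QUOTES, 'UTF-8') . '</td></tr>';
  }

  // Remaining extra fields (not `abovepos`) go after the fixed rows.
  foreach($afields as $afield) {
    if ($afield->abovepos) {
      continue;
    }
    print '<tr style="border:none;"><td style="border:none; padding: 2px;">';
    print JText::_($afield->name);
    print '</td><td style="border:none; padding: 2px;">';
    $val = '';
    foreach($fieldValues as $fv) {
      if ($fv->field_id == $afield->id) {
        $val = $fv->value;
        if (isset($_POST['field'.$afield->id])) {
          if (!FieldHadError($message, $afield->name)) {
            $val = $_POST['field'.$afield->id];
          }
        }
        break;
      }
    }
    // NOTE(review): same caveat as above; $val may be raw request data.
    $fieldinput = GetFieldInputSubForm($afield, false, $val, 'site');
    print $fieldinput;
    print '</td></tr>';
  }

  print '</table>';
  print '</fieldset><br/>';
  print '<input type="submit" name="submiteditsub" value="'.JText::_('Save Subscription').'"/>';
  print '<input type="hidden" name="meditsub" value="true"/>';
  // Posted back to tell the handler which subscriber to update.
  print '<input type="hidden" name="realmail" value="' . $safeRealEmail . '"/>';
  print '</form>';
  print '</div>';
}
else {
  print '#edsb1: ' . JText::_('This link has expired');
}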


?>
